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Description 



IVIETHOD OF SELECTIVELY BUILDING 
REDUNDANT LOGIC STRUCTURES TO 
IIVIPROVE FAULT TOLERANCE 

Background of Invention 

[0001] FIELD OF THE INVENTION 

[0002] jhe present invention relates generally to selective fault 

protection for logic functions in an IC design, and more 
particularly to a new HDL extension at the RTL for desig- 
nating particular logic functions as fault tolerant and a 
method of implementing a fault redundant scheme for 
those logic functions designated as fault tolerant. 

[0003] BACKGROUND OF THE INVENTION 

[0004] por the design of integrated circuits (IC) technology on a 

very large scale, designers typically employ computer 
aided design (CAD) tools. Hardware description languages 
(HDLs) or other standard languages are typically used to 
describe ICs and facilitate the design and simulation of 



complex digital ICs. Common HDLs include the open lan- 
guages, VHDL and Verilog. VHDL and Verilog are all- 
purpose HDLs that utilize abstract data types to define a 
hardware model at the gate level, the register-transfer 
evel (RTL), or the behavioral level. 
[0005] At the R7|_^ a description of the IC written in HDL is typi- 
cally referred to as the RTL description or the RTL code. At 
the RTL, a description of the system specifying all regis- 
ters (whether instantiated or inferred), and combinational 
logic in between them (using logical statements, etc.) is 
outlined. The RTL description or code specifies the clock- 
by-clock behavior of the system. The RTL description or 
code of an IC describes the circuit in terms of a plurality 
of digital registers, clocking circuits, and logic elements 
that are combined to implement the desired function of 
the circuit. 

[0006] After creation of the RTL code, a designer uses a logic 

synthesis tool to map the IC design to a target technology, 
e.g., a field-programmable gate array (FPGA) or applica- 
tion specific integrated circuit (ASIC). Thereafter, each 
logic function, e.g., combinational logic block (CLB) for 
FPGAs, is assigned to a location on the chip and signals 
are routed with wires on the chip to appropriate other 



logic functions. 

[0007] In many prior art ICs, even a single logic fault can cause 

improper operation resulting in data integrity errors or a 
system crash. Such a scenario can occur with either a soft 
error, i.e., temporary fault due to radiation, or a perma- 
nent fault. Prior art IC design methodology treats each of 
the logic functions in an IC design the same and fails to 
provide away for providing fault protection to particular 
logic functions. In addition, providing additional fault pro- 
tection to all of the logic functions in the IC typically in- 
creases the amount of area required by the IC and thus 

the overall size of the IC. 
Summary of Invention 

[0008] One aspect of the present invention is a method of build- 
ing fault tolerant logic functions in an integrated circuit. 
The method includes the following steps: creating an in- 
tegrated circuit design description using a hardware de- 
sign language at the register-transfer level; adding a fault 
tolerant operator to the particular logic functions in the 
integrated circuit design description; and building redun- 
dant copies for the particular logic functions having a 
fault tolerant operator. 

[0009] Another aspect of the present invention is a method of 



creating fault tolerant logic functions during design of an 
integrated circuit using a HDL at the RTL and a logic syn- 
thesis tool. The method includes the following steps: cre- 
ating an integrated circuit design description using the 
hardware design language at the RTL; adding a fault toler- 
ant operator to each logic function in the integrated cir- 
cuit design description; processing the integrated circuit 
design description through the logic synthesis tool after 
the adding step; and including a fault redundant scheme 
in the integrated circuit design description for each logic 
function having a fault tolerant operator. 
[0010] Still another aspect of the present invention is a system 

for creating fault tolerant logic functions during design of 
an integrated circuit using a HDL at the RTL and a logic 
synthesis tool. The system includes the following: means 
for creating an integrated circuit design description using 
the hardware design language at the RTL; means for 
adding a fault tolerant operator to each logic function in 
the integrated circuit design description; means for syn- 
thesizing the integrated circuit design description after 
the means for adding step; and means for building fault 
redundancy into the integrated circuit design description 
for each logic function having a fault tolerant operator. 



[0011] Other features, utilities and advantages of various embod- 
iments of tlie invention will be apparent from the follow- 
ing more particular description of embodiments of the in- 
vention as illustrated in the accompanying drawings. 
Brief Description of Drawings 

[0012] For the purpose of illustrating the invention, the drawings 

show a form of the invention that is presently preferred. 
However, it should be understood that the present inven- 
tion is not limited to the precise arrangements and instru- 
mentalities shown in the drawings, wherein: 

[0013] FIG. 1 is a portion of a sample VHDL code at the RTL for 

designating particular logic functions as fault tolerant ac- 
cording to one embodiment of the present invention; and 

[0014] FIG. 2 is a block diagram of a fault redundant scheme ac- 
cording to one embodiment of the present invention. 
Detailed Description 

[0015] jhe present invention is directed to a new HDL extension 

at the RTL for designating particular logic functions as 
fault tolerant and a method and system of implementing a 
fault redundant scheme for those logic functions desig- 
nated as fault tolerant. An example of the disclosed in- 
vention is depicted in FIGS. 1 and 2, although it should be 



understood that the present invention is not limited to 
this (or any other) particular embodiment, but rather is in- 
tended to cover any HDL extensions, methods, or systems 
of implementing a fault redundant scheme that fairly fall 
within the broad scope of the appended claims. In the 
drawings, like elements include like element numbers. 
[0016] Referring now to the drawings, FIG. 1 illustrates a sample 

HDL code 20. Code 20 is written in VHDL at the register- 
transfer level (RTL) and includes instructions for adding 
the operator "FT" to certain logic functions. In this exam- 
ple, the FT operator is placed on the "outl" logic function 
to designate it as a fault tolerant function. In this exam- 
ple, the "outl" signal is composed of a logic "or" of two 
signals, i.e., outl = inl or in2. Logic functions that in- 
clude the FT operator are considered critical functions, 
i.e., fault tolerant. As one skilled in the art will appreciate, 
code 20 is but one example of myriad HDL code that may 
be used to designate particular logic functions as fault 
tolerant. 

[0017] As explained above, generally one of the first steps in de- 
signing an IC such as a FPGA is to delineate a logic design 
in a standard HDL language such as VHDL or Verilog. 
Again, this is typically done at the RTL and is often re- 



ferred to as the RTL code. After developing the RTL code, 
a designer runs a logic synthesis tool (not shown) to map 
the design delineated by the code to a target technology, 
i.e., FPCA or ASIC. As one skilled in the art will appreciate, 
the synthesis tool used must be enabled to recognize the 
FT operator of the present invention. 

[0018] As part of a typical IC design process, the logic synthesis 

tool maps the RTL design to the target technology. By in- 
cluding the FT operator of the present invention, during 
the mapping process, the logic synthesis tool is alerted to 
the functions that have been designated as fault tolerant. 
As a result and as illustrated in FIG. 2, the logic synthesis 
tool is preprogrammed to cause the design of the IC to 
include a fault redundant scheme 30 for the logic func- 
tions that include the FT operator, i.e., those that have 
designated as fault tolerant. 

[0019] Referring now to FIG. 2, a fault redundant scheme 30 is 

automatically implemented by the synthesis tool for each 
logic function that includes the FT operator, i.e., each 
logic function that is tagged as fault tolerant. FIG. 2 illus- 
trates one possible scheme 30 for implementing a fault 
tolerant structure in hardware. As one skilled in the art 
will appreciate, the use of the FT operator and corre- 



sponding fault redundant scheme 30 can be implemented 
in any technology, e.g., including programmable logic as 
well as standard cell. In this example, the logic synthe- 
sizer recognized that a function in the RTL used the FT 
operator. As a result, fault redundant scheme 30 was in- 
cluded in the FPGA design. In one embodiment, fault re- 
dundant scheme 30 includes three copies of the function's 
logic, i.e.. Copy A 32, Copy B 34, and Copy C 36, as well 
as a majority voter 38. Each copy (A, B, and C) implements 
the identical logic function and they are connected to the 
voter 38 where they are compared to ensure that the out- 
puts of all three copies match. Having three copies of a 
logic function provides fault tolerance, so voter 38 can 
detect and correct any single logic error that occurs within 
any of these copies. Of course, in other embodiments, 
more complex fault redundancy schemes may be devised, 
e.g., more than three copies or a plurality of voters. 
[0020] In use, inputs 40 are first introduced to copies 32, 34, and 

36 of fault redundant scheme 30. Next, the output from 
each copy 32, 34, and 36, i.e., OutA, OutB, and OutC, re- 
spectively, are transmitted to voter 38. Voter 38 deter- 
mines if a mismatch exists between OutA, OutB, and 
OutC. Voter 38 works on a majority basis with the major- 



ity input from OutA, OutB, and OutC determining tlie cor- 
rect output, i.e., output 42, to be transmitted to down- 
stream logic. Additionally, voter 38 produces one error 
signal, i.e., A bad, B bad, C bad, for each copy that it 
checks, i.e., copy 32, 34, and 36. This provides fault iso- 
lation, so when an error signal is asserted, i.e., A bad, B 
bad, C bad, the redundant copy that is failing, i.e.. Copy 
A, Copy B or Copy C, is taken offline. 

[0021] Embodiments of the present invention include both a 

method and a system for including a new HDL extension 
at the RTL so users may specify which functions to protect 
from faults, i.e., the FT operator discussed above. Of 
course, every function in a design may be protected. How- 
ever, by only providing fault tolerance for particular de- 
sign functions, the overall IC area required may be mini- 
mized. The FT operator allows users to balance the area 
overhead of implementing fault tolerance versus the extra 
protection that it provides on a function by function basis. 

[0022] While the present invention has been described in con- 
nection with specified embodiments, it will be understood 
that it is not so limited. On the contrary, it is intended to 
cover all alternatives, modifications and equivalents as 
may be included within the spirit and scope of the inven- 



tion as defined in tlie appended claims. 



